Security Scene Errata


   By Kristi Essick
   InfoWorld Electric

   Posted at 3:07 PM PT, May 8, 1998

   The U.S. Navy has been caught attempting to break in to secure
areas of a World Wide Web site sponsored by a U.K. marine-mammal
preservation charity, according to officials at the organization.

[The US Navy has not been caught. IP addresses that correlate
 to Navy machines have been logged in breakins. Why the distinction? 
 Because the article doesn't mention two scenarios: 1) the attacks
 were spoofed as Navy hosts, and 2) that hackers broke into Navy
 machines and used that as a jump point for intrusions into other
 machines.]

   The Whale and Dolphin Conservation Society (WDCS) -- which operates an
online shopping site aimed at generating money for the welfare of the
animals at http://www.wdcs-shop.com -- said it was alerted to the
attempted break-in last week by its site-hosting company, Merchant
Technology Ltd. 

   "We were working late one night, and a command line request came in
wanting to access unauthorized areas of the site," said Andy Fisher,
marketing manager for Merchant. "We were amazed to find out it was the
Pentagon." 

[donhqns1.hq.navy.mil is not the Pentagon I don't think.]

   Merchant built and manages the secure electronic-commerce site for the
conservation society and routinely keeps an eye on who visits. If users
attempt to gain access to unauthorized areas, the company is alerted to
the source of the incoming request. 

   At 9:45 p.m. GMT on April 28, Fisher said, workers at Merchant were
shocked to see an incoming attempt to breach security by a user identified
as donhqns1.hq.navy.mil. 

[This is a machine ID, not a user ID.]

   Merchant got in touch with WDCS immediately, only to find out that the
charity had been contacted by the Navy a few weeks earlier. The Navy was
interested in obtaining a report the group is working on that details the
efforts of Russian animal experts to train dolphins in the Black Sea for
military tasks, such as finding and attaching probes to submarines, Fisher
said. 

   A WDCS representative said that there is nothing secret about the
Russian government's activities in this area but that the document does
contain information about the export of the trained dolphins to foreign
countries. The group declined to give the Navy a copy of the report only
because it was not complete at the time. Once it is made final, the report
will be published and the Navy can then examine it, the representative said.

   The WCDS said that it is confused about why the Navy would attempt
to break in to its Web site.

[This sounds more and more like a user followed a link to a
 password protected portion of the site, and failed a login or something.]

   "I think whoever it was within the U.S. Navy facility would have better
things to do rather than try and hack into our computers," said Chris
Stroud, the organization's director of campaigns, in a statement. "If they
were seeking reports on the Black Sea, we shall be freely publishing these
in the near future anyway." 

   The WCDS previously has commented unfavorably on Navy activities
such as its low-frequency sonar trials off Hawaii and on ship
collisions with endangered whales, the group said.

   Merchant says it is "100 percent sure" the hacking attempt
originated from the Navy. WDCS has notified the U.S. Embassy in London
and the relevant U.K. authorities, the organization said.

[100 percent sure? There is no way to know WHO sat at the terminal
 when the 'hack' was done. Or if it was even someone in the same country.
 It is trivial for hackers to bounce through many systems before reaching
 their destination.]

   "We hope that the U.S. authorities have some rational explanation
for this incident," Stroud said.

   "The Navy has not yet received a formal complaint on the issue,"  said
a Navy official, who declined to be named. "Until the Navy receives a
formal complaint with details, there's not much we can do to proceed
further." 

   Merchant Technology Ltd., in Bath, England, can be reached at 44
(1225) 481 015. The Whale and Dolphin Conservation Society, also in
Bath, can be reached at 44 (1225) 334 511 or
   http://www.wdcs.org.




Reply From: "Schadey, Robert" 

Another example of irresponsible reporting.  It's common practice for
hackers to hack into one system, set themselves up as a user and the go
hack into another system.  So it wasn't the U.S. Navy hacking into the
British system, the Navy was also a victim.  If the reporter had taken 5
minutes to check this out the story would have been "Hacker Breaks Into
Navy Computer."